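<?php 
// Access gate: only requests that carry a logged-in session may load this page.
session_start();
if (!isset($_SESSION['Username'])) {
	header("location:login.php");
	// header() only queues the redirect. Without this exit the rest of the script
	// keeps executing and its output is sent along with the redirect response.
	exit;
}
 ?>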
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Edit Vendors</title>
<link href="css/default.css" rel="stylesheet" type="text/css" />
<script language="JavaScript" src="scripts/rand_password.js"></script>
<?php include('includes/path.php'); ?>
<script Language="JavaScript">
<!--
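/**
 * Validate the "Add Item" form (named editVendor2) and submit it when it passes.
 *
 * Checks that part ID, price, quantity and description are all filled in and that
 * price and quantity look numeric. Returns true after submitting the form, false
 * when the user has to correct something.
 *
 * This is a usability aid only: a request can be sent without running this script,
 * so the server-side handler must not rely on these checks having been made.
 */
function Blank_TextField_Validator()
{
	var form = document.forms["editVendor2"];
	var partId = form.partid;
	var price = form.price;
	var quantity = form.quan;
	var description = form.description;

	if (partId.value == "" || price.value == "" || quantity.value == "" || description.value == "")
	{
		alert("Atleast one field was left blank!");
		// The input is named "partid" (lower case). The earlier "partID" lookup
		// returned undefined, so focus() threw before "return false" was reached.
		partId.focus();
		return false;
	}

	// Loose == is deliberate: the whole string must convert to the parsed number,
	// so input such as "12abc" is rejected. Radix 10 keeps "0x10" from being read as hex.
	var priceLooksNumeric = (price.value == parseFloat(price.value));
	var quantityLooksNumeric = (quantity.value == parseInt(quantity.value, 10));

	if (priceLooksNumeric && quantityLooksNumeric)
	{
		alert("Item Added!");
		form.submit();
		return true;
	}

	alert("Invalid quantity or price!");
	return false;
}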
-->
</script>

</head>

<body class="oneColFixCtrHdr">
<div id="container">
<?php include( 'includes/header.php' ); ?>
<?php include( 'includes/menu.php' ); ?>
<?php include ('includes/status.php'); ?>

  <div id="mainContent">
      
       <?php
	// Pull in the database settings. The connection code later on this page
	// reads $HOST, $USER, $PASS and $DB, so db.php is expected to define all four.
	// NOTE(review): db.php holds credentials; confirm it cannot be served as
	// plain text by the web server.
	include 'db.php';

    ?>
	 <form action="editvendors.php" method="post" enctype="multipart/form-data" name="vendor" target="_parent"> 
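       <?php
		/*
		 * Manager-only vendor parts editor. Depending on the POST fields present it:
		 *   - 'submit'    : shows an edit form for the parts ticked in the inventory table;
		 *   - 'editparts' : applies the submitted edits/deletions, then re-shows the inventory;
		 *   - 'addID'     : inserts a new part for the vendor, then re-shows the inventory;
		 *   - otherwise   : shows the vendor chooser, or the inventory of the chosen vendor.
		 *
		 * Security notes:
		 *   - Every value placed in an SQL string goes through mysql_real_escape_string().
		 *     htmlspecialchars() is an HTML encoder, not an SQL escaper: it never touches
		 *     backslashes and, with the default flags of the PHP versions that ship
		 *     ext/mysql, leaves single quotes alone, so it does not stop SQL injection.
		 *   - Every value written into the page goes through ev_html().
		 *   - POST values are still HTML-encoded on the way in (ev_post) because existing
		 *     rows were stored that way and lookups by part_id/company_name depend on it.
		 *   - NOTE(review): the forms carry no anti-CSRF token although they trigger
		 *     DELETE/UPDATE/INSERT statements; add a per-session token and verify it here.
		 *   - NOTE(review): price and quantity are only checked by the browser-side
		 *     script; add server-side validation before the INSERT/UPDATE.
		 *   - NOTE(review): ext/mysql was removed in PHP 7; move to PDO or mysqli with
		 *     prepared statements when the runtime is upgraded.
		 */
		if (!function_exists('ev_post'))
		{
			/* Return one POST field, HTML-encoded exactly as this page has always stored it ('' when absent). */
			function ev_post($key)
			{
				if (!isset($_POST[$key]) || !is_scalar($_POST[$key]))
				{
					return '';
				}
				return htmlspecialchars((string) $_POST[$key]);
			}
		}
		if (!function_exists('ev_html'))
		{
			/* Encode a value for HTML text or a quoted attribute without re-encoding existing entities. */
			function ev_html($value)
			{
				$flags = ENT_QUOTES;
				// ENT_SUBSTITUTE (PHP 5.4+) replaces invalid byte sequences instead of blanking the whole value.
				if (defined('ENT_SUBSTITUTE')) { $flags = $flags | ENT_SUBSTITUTE; }
				return htmlspecialchars((string) $value, $flags, 'UTF-8', false);
			}
		}
		if (!function_exists('ev_sql'))
		{
			/* Escape a value for use inside a quoted SQL string literal on the given connection. */
			function ev_sql($value, $con)
			{
				// NOTE(review): escaping follows the connection character set; confirm it is a single-byte set or UTF-8.
				return mysql_real_escape_string((string) $value, $con);
			}
		}
		if (!function_exists('ev_query'))
		{
			/* Run a query; on failure log the driver error server-side and return false. */
			function ev_query($sql, $con)
			{
				$result = mysql_query($sql, $con);
				if ($result === false)
				{
					error_log('editvendors: query failed: ' . mysql_error($con));
				}
				return $result;
			}
		}

		if(isset($_SESSION['manager']) && $_SESSION['manager']) 
		{
			$TABLE = "Vendors";
			$ROW_NUMBER = 0;
			$ShowEditedParts = '0';

			$CON = mysql_connect( $HOST, $USER, $PASS );

			if (!$CON)
			{
				// Keep driver details out of the response; they belong in the server log.
				error_log('editvendors: database connection failed: ' . mysql_error());
				die('Could not connect to the database.');
			}

			if (!mysql_select_db( $DB, $CON ))
			{
				error_log('editvendors: selecting the database failed: ' . mysql_error($CON));
				die('Could not connect to the database.');
			}

			if(isset($_POST['submit']))//If user wants to edit parts
			{
				$numberOfRequest = (int) ev_post('numberOfParts');
				$company = ev_post('Company');
				echo '<table style="width: 100%; border: 5px #aba groove;">';
				echo '<tr style="background-color: #77C48E;" align = "center"><th colspan=5>Editing Parts for  '.ev_html($company).'</th></tr>';
				echo '<tr style="background-color: #D6B376;"><th style="text-align: center;">Part ID</th><th style="width: 75px; text-align: center;">Cost</th><th style="text-align: center; width: 50px;">Qty</th><th style="text-align: center;">Description</th><th style="text-align: center;">Delete</th></tr>';

				// Ticked checkboxes arrive as POST fields named by row number. Walk the keys
				// that were actually posted instead of counting down from the client-supplied
				// total, so a forged numberOfParts cannot drive an arbitrarily long loop.
				$selectedRows = array();
				foreach (array_keys($_POST) as $postKey)
				{
					// PHP stores decimal field names such as "3" as integer keys.
					if (is_int($postKey) && $postKey >= 0 && $postKey < $numberOfRequest)
					{
						$selectedRows[] = $postKey;
					}
				}
				rsort($selectedRows, SORT_NUMERIC); // highest row first, as before

				foreach ($selectedRows as $rowIndex)
				{
					$tmp = ev_post($rowIndex);
					// Compare with '' rather than empty(): empty('0') is true and would drop part "0".
					if ($tmp === '') { continue; }

					$partResult = ev_query('SELECT * FROM  Parts where part_id = "'.ev_sql($tmp, $CON).'"', $CON);
					$Part_ID = $partResult ? mysql_fetch_array($partResult) : false;
					// Unknown part id: render nothing rather than an empty editable row.
					if (!$Part_ID) { continue; }

					$partIdHtml = ev_html($Part_ID['part_id']);

					echo '<tr style="background-color: #';
					if ( $ROW_NUMBER % 2 ){ echo 'FFF;"'; }
					else { echo 'DEDEDE;"'; }

					// The values no longer carry a trailing space, which used to be posted back
					// and written into part_id and cost on every edit.
					echo '><td style="padding-left: 5px;"><input name="PartID'.$ROW_NUMBER.'" type="text" value = "' . $partIdHtml . '"/></td>
					<td style="text-align: right;"><input name="cost'.$ROW_NUMBER.'" type="text" size="7" maxlength="7" value = "$' . ev_html($Part_ID['cost']) .  '"/></td>
					<td style="text-align: right;"><input name="quantity'.$ROW_NUMBER.'" type="text" size="3" maxlength="3" value = "' . ev_html($Part_ID['inventory']) . '"/></td>
					<td style="text-align: center; padding-right: 5px;"><input name="description'.$ROW_NUMBER.'" type="text" size="50" maxlength="50" value = "'. ev_html($Part_ID['part_description']).'"/></td>
					<td style="text-align: center"><input type="checkbox" name="Edit'.$ROW_NUMBER.'" value="'.$partIdHtml.'"/></td></tr>';
					echo '<input type="hidden" name="oldPartID'.$ROW_NUMBER.'" value="'.$partIdHtml.'">';
					$ROW_NUMBER++;
				}
				echo '<input type="hidden" name="numberOfEdits" value="'.$ROW_NUMBER.'">';
				echo '<input type="hidden" name="member" value="'.ev_html($company).'">';
				echo '<tr><td colspan = 5 style="text-align: center;"><input type="submit" name = "editparts" value="Submit Changes"></td></tr>';
				echo '</table>';
			}
			else if(isset($_POST['editparts']))//User submitted edited parts
			{
				$ShowEditedParts = '1';
				// The edit form posts several fields per row, so the number of posted fields
				// is an upper bound for the row count; this caps a forged numberOfEdits.
				$numberOfEditRequests = min((int) ev_post('numberOfEdits'), count($_POST));
				while($numberOfEditRequests>0)
				{
					$numberOfEditRequests --;
					$DeletePart = ev_post("Edit$numberOfEditRequests");
					if ($DeletePart !== '')
					{
						// "Delete" box ticked for this row.
						ev_query("DELETE from Parts where part_id = '".ev_sql($DeletePart, $CON)."' ", $CON);
						continue;
					}

					$oldpartid = ev_post("oldPartID$numberOfEditRequests");
					// No original id means there is no row to address; skip instead of updating part_id "".
					if ($oldpartid === '') { continue; }

					$newpartid = ev_post("PartID$numberOfEditRequests");
					$description = ev_post("description$numberOfEditRequests");
					$cost = str_replace("$", "", ev_post("cost$numberOfEditRequests"));
					$quantity = ev_post("quantity$numberOfEditRequests");
					ev_query('Update Parts set part_id = "'.ev_sql($newpartid, $CON).'", cost= "'.ev_sql($cost, $CON).'", part_description = "'.ev_sql($description, $CON).'", inventory = "'.ev_sql($quantity, $CON).'"  where part_id =  "'.ev_sql($oldpartid, $CON).'"', $CON);
				}
			}

			if(!isset($_POST['submit']))//If user wants to add a part
			{
				$company_name = ev_post('member');
				if(isset($_POST['submit2'])) $company_name = ev_post('submit2');

				$part = ev_post('partid');
				$quant = ev_post('quan');
				$cost = str_replace("$", "", ev_post('price'));
				$desc = ev_post('description');
				$Vendor_ID_To_Add_Part = ev_post('addID');

				if($Vendor_ID_To_Add_Part !== '' && $ShowEditedParts == '0')
				{
					$company_name = $Vendor_ID_To_Add_Part;
					if(isset($_POST['submit2'])) $company_name = ev_post('submit2');
					$vendorResult = ev_query('SELECT * FROM  Vendors where company_name = "'.ev_sql($company_name, $CON).'"', $CON);
					$Vendor_ID = $vendorResult ? mysql_fetch_array($vendorResult) : false;
					// Insert only for a vendor that exists; otherwise the part would be stored with an empty vendor_id.
					if ($Vendor_ID)
					{
						ev_query('INSERT INTO Parts (part_id,vendor_id,cost,part_description,inventory) VALUES ("'.ev_sql($part, $CON).'","'.ev_sql($Vendor_ID['vendor_id'], $CON).'","'.ev_sql($cost, $CON).'","'.ev_sql($desc, $CON).'","'.ev_sql($quant, $CON).'")', $CON);
					}
				}

				$noVendorGiven = ($company_name === '' && $Vendor_ID_To_Add_Part === '');
				if ($company_name == 'Choose Vendor' || ($noVendorGiven && $ShowEditedParts == '0' && !isset($_POST['submit2'])))
				{
					// No vendor picked yet: show the chooser.
					$RESULT = ev_query('SELECT * FROM  Vendors ORDER BY company_name ASC', $CON);
					echo '<div  align ="center">
					<form action="editvendors.php" method="POST" enctype="multipart/form-data" name="editvendor1" target="_parent">
					<table style="width: 50%; border: 5px #aba groove;" align="center">
					<tr style="background-color: #77C48E;" align = "center"><th colspan=2>Edit Vendor</th></tr>';
					echo '<tr><td style="width:50%" align ="right"><p>Select Vendor to Edit: </p></td> ';           
					echo '<td><select name="member" class="dropdownmenus"><option selected>Choose Vendor</option>';
					while($RESULT && ($ROW = mysql_fetch_array($RESULT)))
					{
						echo ' <option text-align = "center">'.ev_html($ROW['company_name']).'</option>';
					}
					echo '</select></td></tr><tr><td colspan ="2" align ="center"><input name="vendor" type="submit" value="Edit Vendor" /></td></tr>';
					echo '</table></form></div>';
				}//end if
				else 
				{
					// A vendor is known: list its parts, followed by the "Add Item" form.
					$TABLE = "Parts";
					$companyHtml = ev_html($company_name);
					$vendorResult = ev_query('SELECT * FROM  Vendors where company_name = "'.ev_sql($company_name, $CON).'"', $CON);
					$Vendor_ID = $vendorResult ? mysql_fetch_array($vendorResult) : false;
					$vendorId = $Vendor_ID ? $Vendor_ID['vendor_id'] : '';

					$QRY = 'SELECT * FROM  '.$TABLE.' where vendor_id = "'.ev_sql($vendorId, $CON).'"';
					echo '<table style="width: 100%; border: 5px #aba groove;">';
					echo '<tr style="background-color: #77C48E;" align = "center"><th colspan=5>Current Inventory for  '.$companyHtml.'</th></tr>';
					echo '<tr style="background-color: #D6B376;"><th style="text-align: center;">Part ID</th><th style="width: 75px; text-align: center;">Cost</th><th style="text-align: center; width: 50px;">Qty</th><th style="text-align: center;">Description</th><th style="text-align: center;">Edit</th></tr>';
					$RESULT = ev_query($QRY, $CON);
					while($RESULT && ($ROW = mysql_fetch_array($RESULT)))
					{
						$partIdHtml = ev_html($ROW['part_id']);
						echo '<tr style="background-color: #';
						if ( $ROW_NUMBER % 2 ){ echo 'FFF;"'; }
						else { echo 'DEDEDE;"'; }
						echo '><td style="padding-left: 5px;">' . $partIdHtml . '</td><td style="text-align: right;">$' . ev_html($ROW['cost']) .  '</td><td style="text-align: right;">' . ev_html($ROW['inventory']) . '</td><td style="text-align: center; padding-right: 5px;">' . ev_html($ROW['part_description']) . '</td>
						<td style="text-align: center"><input type="checkbox" name="'.$ROW_NUMBER.'" value="'.$partIdHtml.'"/></td></tr>';
						$ROW_NUMBER++;
					}
					echo '<tr><td colspan = 5 style="text-align: center;"><input type="submit" name = "submit" value="Edit Selected Parts"></td></tr>';
					echo '<input type="hidden" name="numberOfParts" value="'.$ROW_NUMBER.'">';
					echo '<input type="hidden" name="Company" value="'.$companyHtml.'">';
					echo '</table></form>';

					echo '<hr>';
					echo '<div  align ="center">
					<form action="" method="POST" enctype="multipart/form-data" name="editVendor2" target="_parent">
					<table style="width: 50%; border: 5px #aba groove;" align="center">
					<tr style="background-color: #77C48E;" align = "center"><th colspan=2>Add Item</th></tr>';
					echo '<tr><td style="width:50%" align ="center"><p>Part ID: </p></td><td><input name="partid" type="text" size="25" maxlength="25"/></td></tr> ';           
					echo '<tr><td style="width:50%" align ="center"><p>Quantity: </p></td><td><input name="quan" type="text" size="25" maxlength="25"/></td></tr> ';
					echo '<tr><td style="width:50%" align ="center"><p>Price: </p></td><td><input name="price" type="text" size="25" maxlength="25"/></td></tr> ';
					echo '<tr><td style="width:50%" align ="center"><p>Description: </p></td><td><input name="description" type="text" size="25" maxlength="25"/></td></tr> ';
					echo '<tr><td colspan ="2" align ="center"><button type="button" value="'.$companyHtml.'"  onClick="Blank_TextField_Validator()">Add Item</button></td></tr>';

					// The stray second quote after each value attribute has been removed.
					echo '</table><input type="hidden" name="addID" value="'.$companyHtml.'"><input type="hidden" name="submit2" value="'.$companyHtml.'"></form></div>';
				}
			}
			mysql_close($CON);
			}
			else echo "Managers Only!";

	   ?>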
	 
  <!-- end #mainContent --></div>
<?php include('includes/footer.php'); ?>
<!-- end #container --></div>
</body>
</html>
